Apache 漏洞列表
共找到 200 个与 Apache 相关的漏洞
📅 加载漏洞趋势中...
- 2025-10-28Apache Tomcat URL重写绕过漏洞 (CVE-2025-55752)
- 2025-09-12Apache ZooKeeper /commands/snapshot 权限绕过漏洞(CVE-2024-51504)
- 2025-09-05Apache Linkis 权限绕过漏洞(CVE-2023-27987)
- 2025-09-01CVE-2019-17558: Apache Solr Velocity Template RCE
- 2025-09-01tomcat-default-login: Apahce Tomcat Manager Default Login
- 2025-09-01flink-unauth-rce: Apache Flink Unauth RCE
- 2025-09-01solr-file-read: Apache Solr <= 8.8.1 Arbitrary File Read
- 2025-08-29Apache Struts2 S2-067 /index.action 文件上传漏洞(CVE-2024-53677)
- 2025-08-29Apache CXF Aegis databinding /test 文件读取漏洞(CVE-2024-28752)
- 2025-08-29Apache Struts2 2.0.0~2.2.3 S2-007 /user.action 命令执行漏洞(CVE-2012-0838)
- 2025-08-25Apache ActiveMQ Artemis Console存在默认账号密码
- 2025-08-22Apache OFBiz StatsSinceStart 远程代码执行漏洞(CVE-2024-45507)
- 2025-08-22Apache OFBiz /partymgr/control/getJSONuiLabel 服务器端请求伪造漏洞(CVE-2023-50968)
- 2025-08-21Apache Solr /solr/admin/cores XML 外部实体注入漏洞(CVE-2017-12629)
- 2025-08-19Apache Druid存在服务器请求伪造漏洞(CVE-2025-27888)
- 2025-08-05Apache HugeGraph存在代码注入漏洞(CVE-2024–27348)
- POC 2025-08-01CVE-2020-13935: Apache Tomcat WebSocket Frame Payload Length Validation Denial of Service
- POC 2025-08-01CVE-2021-45046-DAST: Apache Log4j2 - Remote Code Injection
- POC 2025-08-01CVE-2007-2449: Apache Tomcat 4.x-7.x - Cross-Site Scripting
- POC 2025-08-01CVE-2007-4556: OpenSymphony XWork/Apache Struts2 - Remote Code Execution
- POC 2025-08-01CVE-2010-0219: Apache Axis2 Default Login
- POC 2025-08-01CVE-2012-0392: Apache Struts2 S2-008 RCE
- POC 2025-08-01CVE-2012-0394: Apache Struts <2.3.1.1 - Remote Code Execution
- POC 2025-08-01CVE-2013-1965: Apache Struts2 S2-012 RCE
- POC 2025-08-01CVE-2013-2248: Apache Struts - Multiple Open Redirection Vulnerabilities
- POC 2025-08-01CVE-2013-2251: Apache Struts 2 - DefaultActionMapper Prefixes OGNL Code Execution
- POC 2025-08-01CVE-2016-3081: Apache S2-032 Struts - Remote Code Execution
- POC 2025-08-01CVE-2016-3088: Apache ActiveMQ Fileserver - Arbitrary File Write
- POC 2025-08-01CVE-2016-4437: Apache Shiro 1.2.4 Cookie RememberME - Deserial Remote Code Execution Vulnerability
- POC 2025-08-01CVE-2016-4975: Apache mod_userdir CRLF injection
- 2025-08-01CVE-2016-8735: Apache Tomcat - Remote Code Execution via JMX Ports
- POC 2025-08-01CVE-2017-12611: Apache Struts2 S2-053 - Remote Code Execution
- POC 2025-08-01CVE-2017-12615: Apache Tomcat Servers - Remote Code Execution
- POC 2025-08-01CVE-2017-12617: Apache Tomcat - Remote Code Execution
- POC 2025-08-01CVE-2017-12629: Apache Solr <= 7.1 - XML Entity Injection
- POC 2025-08-01CVE-2017-12635: Apache CouchDB 1.7.0 / 2.x < 2.1.1 - Remote Privilege Escalation
- POC 2025-08-01CVE-2017-15715: Apache httpd <=2.4.29 - Arbitrary File Upload
- POC 2025-08-01CVE-2017-5638: Apache Struts 2 - Remote Command Execution
- POC 2025-08-01CVE-2017-9791: Apache Struts2 S2-053 - Remote Code Execution
- POC 2025-08-01CVE-2017-9805: Apache Struts2 S2-052 - Remote Code Execution
- POC 2025-08-01CVE-2018-11759: Apache Tomcat JK Connect <=1.2.44 - Manager Access
- POC 2025-08-01CVE-2018-11776: Apache Struts2 S2-057 - Remote Code Execution
- POC 2025-08-01CVE-2018-11784: Apache Tomcat - Open Redirect
- POC 2025-08-01CVE-2018-1335: Apache Tika < 1.1.8 - Header Command Injection
- POC 2025-08-01CVE-2018-8006: Apache ActiveMQ <=5.15.5 - Cross-Site Scripting
- POC 2025-08-01CVE-2018-8024: Apache Spark UI - Cross-Site Scripting
- POC 2025-08-01CVE-2018-8033: Apache OFBiz 16.11.04 - XML Entity Injection
- POC 2025-08-01CVE-2019-0192: Apache Solr - Deserialization of Untrusted Data
- POC 2025-08-01CVE-2019-0193: Apache Solr DataImportHandler <8.2.0 - Remote Code Execution
- POC 2025-08-01CVE-2019-0221: Apache Tomcat - Cross-Site Scripting
- POC 2025-08-01CVE-2019-0230: Apache Struts <=2.5.20 - Remote Code Execution
- POC 2025-08-01CVE-2019-0232: Apache Tomcat `CGIServlet` enableCmdLineArguments - Remote Code Execution
- POC 2025-08-01CVE-2019-10092: Apache HTTP Server <=2.4.39 - HTML Injection/Partial Cross-Site Scripting
- POC 2025-08-01CVE-2019-10098: Apache HTTP server v2.4.0 to v2.4.39 - Open Redirect
- POC 2025-08-01CVE-2019-17558: Apache Solr <=8.3.1 - Remote Code Execution
- POC 2025-08-01CVE-2019-17564: Apache Dubbo 2.5.x-2.7.4 - Insecure Deserialization
- POC 2025-08-01CVE-2020-11975: Apache Unomi - Remote Code Execution
- POC 2025-08-01CVE-2020-11978: Apache Airflow <=1.10.10 - Remote Code Execution
- POC 2025-08-01CVE-2020-11984: Apache HTTP Server - Remote Code Execution
- POC 2025-08-01CVE-2020-11991: Apache Cocoon 2.1.12 - XML Injection
- POC 2025-08-01CVE-2020-13937: Apache Kylin - Exposed Configuration File
- POC 2025-08-01CVE-2020-13942: Apache Unomi <1.5.2 - Remote Code Execution
- POC 2025-08-01CVE-2020-13945: Apache APISIX - Insufficiently Protected Credentials
- POC 2025-08-01CVE-2020-17518: Apache Flink 1.5.1 - Local File Inclusion
- POC 2025-08-01CVE-2020-17519: Apache Flink - Local File Inclusion
- POC 2025-08-01CVE-2020-17526: Apache Airflow <1.10.14 - Authentication Bypass
- POC 2025-08-01CVE-2020-17530: Apache Struts 2.0.0-2.5.25 - Remote Code Execution
- POC 2025-08-01CVE-2020-1943: Apache OFBiz <=16.11.07 - Cross-Site Scripting
- POC 2025-08-01CVE-2020-1956: Apache Kylin 3.0.1 - Command Injection Vulnerability
- POC 2025-08-01CVE-2020-9484: Apache Tomcat Remote Command Execution
- POC 2025-08-01CVE-2020-9496: Apache OFBiz 17.12.03 - Cross-Site Scripting
- POC 2025-08-01CVE-2021-25646: Apache Druid - Remote Code Execution
- POC 2025-08-01CVE-2021-26295: Apache OFBiz <17.12.06 - Arbitrary Code Execution
- POC 2025-08-01CVE-2021-27850: Apache Tapestry - Remote Code Execution
- POC 2025-08-01CVE-2021-27905: Apache Solr <=8.8.1 - Server-Side Request Forgery
- POC 2025-08-01CVE-2021-29200: Apache OFBiz < 17.12.07 - Arbitrary Code Execution
- POC 2025-08-01CVE-2021-30128: Apache OFBiz <17.12.07 - Arbitrary Code Execution
- POC 2025-08-01CVE-2021-31805: Apache Struts2 S2-062 - Remote Code Execution
- POC 2025-08-01CVE-2021-36749: Apache Druid - Local File Inclusion
- POC 2025-08-01CVE-2021-37580: Apache ShenYu Admin JWT - Authentication Bypass
- POC 2025-08-01CVE-2021-38540: Apache Airflow - Unauthenticated Variable Import
- POC 2025-08-01CVE-2021-40438: Apache <= 2.4.48 Mod_Proxy - Server-Side Request Forgery
- POC 2025-08-01CVE-2021-41773: Apache 2.4.49 - Path Traversal and Remote Code Execution
- POC 2025-08-01CVE-2021-42013: Apache 2.4.49/2.4.50 - Path Traversal and Remote Code Execution
- POC 2025-08-01CVE-2021-44228: Apache Log4j2 Remote Code Injection
- POC 2025-08-01CVE-2021-44451: Apache Superset <=1.3.2 - Default Login
- POC 2025-08-01CVE-2021-45046: Apache Log4j2 - Remote Code Injection
- POC 2025-08-01CVE-2021-45232: Apache APISIX Dashboard <2.10.1 - API Unauthorized Access
- POC 2025-08-01CVE-2022-22733: Apache ShardingSphere ElasticJob-UI privilege escalation
- POC 2025-08-01CVE-2022-23944: Apache ShenYu Admin Unauth Access
- POC 2025-08-01CVE-2022-24112: Apache APISIX - Remote Code Execution
- POC 2025-08-01CVE-2022-24288: Apache Airflow OS Command Injection
- POC 2025-08-01CVE-2022-33891: Apache Spark UI - Remote Command Injection
- POC 2025-08-01CVE-2022-47501: Apache OFBiz < 18.12.07 - Local File Inclusion
- POC 2025-08-01CVE-2023-25194: Apache Druid Kafka Connect - Remote Code Execution
- POC 2025-08-01CVE-2023-27524: Apache Superset - Authentication Bypass
- POC 2025-08-01CVE-2023-49070: Apache OFBiz < 18.12.10 - Arbitrary Code Execution
- POC 2025-08-01CVE-2023-50290: Apache Solr - Host Environment Variables Leak via Metrics API
- POC 2025-08-01CVE-2023-50968: Apache OFBiz < 18.12.11 - Server Side Request Forgery
- POC 2025-08-01CVE-2023-51467: Apache OFBiz < 18.12.11 - Remote Code Execution
- POC 2025-08-01CVE-2024-27348: Apache HugeGraph-Server - Remote Command Execution
- POC 2025-08-01CVE-2024-29868: Apache StreamPipes <= 0.93.0 - Use of Cryptographically Weak PRNG in Recovery Token Generation
- POC 2025-08-01CVE-2024-30188: Apache DolphinScheduler >= 3.1.0, < 3.2.2 Resource File Read And Write
- POC 2025-08-01CVE-2024-32113: Apache OFBiz Directory Traversal - Remote Code Execution
- POC 2025-08-01CVE-2024-36104: Apache OFBiz - Directory Traversal & Remote Code Execution
- POC 2025-08-01CVE-2024-38472: Apache HTTPd Windows UNC - Server-Side Request Forgery
- POC 2025-08-01CVE-2024-38473: Apache HTTP Server - ACL Bypass
- POC 2025-08-01CVE-2024-38856: Apache OFBiz - Improper Authorization & Remote Code Execution
- POC 2025-08-01CVE-2024-39887: Apache Superset < 4.0.2 - SQL Injection
- POC 2025-08-01CVE-2024-41107: Apache CloudStack - SAML Signature Exclusion
- POC 2025-08-01CVE-2024-45195: Apache OFBiz - Remote Code Execution
- POC 2025-08-01CVE-2024-45216: Apache Solr - Authentication Bypass
- POC 2025-08-01CVE-2024-45507: Apache OFBiz - Remote Code Execution
- POC 2025-08-01CVE-2024-56325: Apache Pinot < 1.3.0 - Authentication Bypass
- POC 2025-08-01CVE-2024-56512: Apache NiFi - Information Disclosure
- POC 2025-08-01CVE-2025-24813: Apache Tomcat Path Equivalence - Remote Code Execution
- POC 2025-08-01CVE-2025-27888: Apache Druid - Server-Side Request Forgery
- POC 2025-08-01CVE-2023-46604: Apache ActiveMQ - Remote Code Execution
- POC 2025-08-01CVE-2017-5645: Apache Log4j Server - Deserialization Command Execution
- POC 2025-08-01CVE-2020-11981: Apache Airflow <=1.10.10 - Command Injection
- POC 2025-08-01CVE-2020-1938: Ghostcat - Apache Tomcat - AJP File Read/Inclusion Vulnerability
- POC 2025-08-01CVE-2021-44521: Apache Cassandra Load UDF RCE
- POC 2025-08-01CVE-2024-43441: Apache HugeGraph-Server <1.5.0 - Authentication Bypass
- POC 2025-08-01CNVD-2021-46825: Apache storm未经授权的访问
- POC 2025-08-01CVE-2007-4556: OpenSymphony XWork/Apache Struts2 - Remote Code Execution S2-001
- POC 2025-08-01CVE-2012-0392: Apache Struts2 S2-008 RCE
- POC 2025-08-01CVE-2013-1965: Apache Struts2 S2-012 RCE
- POC 2025-08-01CVE-2013-2251: Apache Struts 2 - DefaultActionMapper Prefixes OGNL Code Execution (S2-016)
- POC 2025-08-01CVE-2016-3081: Apache S2-032 Struts RCE
- POC 2025-08-01CVE-2017-12611: Apache Struts2 S2-053 - Remote Code Execution
- POC 2025-08-01CVE-2017-12615: Apache Tomcat 的远程代码执行漏洞
- POC 2025-08-01CVE-2017-12629: Apache Solr <= 7.1 XML entity injection
- POC 2025-08-01CVE-2017-5638: Apache Struts 2 - Remote Command Execution S2-045 S2-046
- POC 2025-08-01CVE-2017-9791: Apache Struts2 S2-053 RCE
- POC 2025-08-01CVE-2018-11759: Apache Tomcat JK Connect <=1.2.44 - Manager Access
- POC 2025-08-01CVE-2018-11776: Apache Struts2 S2-057 - Remote Code Execution
- POC 2025-08-01CVE-2018-8033: Apache OFBiz XXE
- POC 2025-08-01CVE-2019-0193: Apache Solr Remote Code Execution
- POC 2025-08-01CVE-2019-0230: Apache Struts <=2.5.20 - Remote Code Execution S2-059
- POC 2025-08-01CVE-2020-11991: Apache Cocoon 2.1.12 XML Injection
- POC 2025-08-01CVE-2020-13937: Apache Kylin Exposed Configuration File
- POC 2025-08-01CVE-2020-13945: Apache APISIX 默认密钥漏洞
- POC 2025-08-01CVE-2020-17518: Apache Flink 1.5.1 - Local File Inclusion
- POC 2025-08-01CVE-2020-17519: Apache Flink RESTful API Arbitrary File Read
- POC 2025-08-01CVE-2020-17526: Apache Airflow <1.10.14 - Authentication Bypass
- POC 2025-08-01CVE-2020-17530: Apache Struts 2.0.0-2.5.25 - Remote Code Execution S2-061
- POC 2025-08-01CVE-2020-1938: Ghostcat - Apache Tomcat - AJP File Read/Inclusion Vulnerability
- POC 2025-08-01CVE-2020-9496: Apache OFBiz XML-RPC Java Deserialization
- POC 2025-08-01CVE-2021-25646: Apache Druid - Remote Code Execution
- POC 2025-08-01CVE-2021-27905: Apache Solr <= 8.8.1 SSRF
- POC 2025-08-01CVE-2021-29200: Apache OFBiz < 17.12.07 - Arbitrary Code Execution
- POC 2025-08-01CVE-2021-31805: Apache Struts2 S2-062 RCE
- POC 2025-08-01CVE-2021-36749: Apache Druid Authentication Restrictions Bypass
- POC 2025-08-01CVE-2021-37580: Apache ShenYu Admin JWT authentication bypass
- POC 2025-08-01CVE-2021-40438: Apache <= 2.4.48 Mod_Proxy SSRF
- POC 2025-08-01CVE-2021-41773: Apache 2.4.49 - Path Traversal and Remote Code Execution
- POC 2025-08-01CVE-2021-42013: Apache 2.4.49/2.4.50 - Path Traversal and Remote Code Execution
- POC 2025-08-01CVE-2021-44228: Apache Log4j2 Remote Code Injection
- POC 2025-08-01CVE-2021-44451: Apache Superset Default Password
- POC 2025-08-01CVE-2021-45232: Apache APISIX Dashboard <2.10.1 - API Unauthorized Access
- POC 2025-08-01CVE-2022-23944: Apache ShenYu Admin Unauth Access
- POC 2025-08-01CVE-2022-24112: Apache APISIX apisix/batch-requests RCE
- POC 2025-08-01CVE-2022-33891: Apache Spark UI - Remote Command Injection
- POC 2025-08-01CVE-2023-25194: Apache Druid kafka RCE 漏洞
- POC 2025-08-01CVE-2023-27524: Apache Superset身份验证绕过
- POC 2025-08-01CVE-2023-32007: Apache Spark远程代码执行漏洞
- POC 2025-08-01CVE-2023-37582: Apache RocketMQ 远程命令执行漏洞
- POC 2025-08-01CVE-2023-46589: Apache Tomcat - Request Smuggling
- POC 2025-08-01CVE-2023-46604: Apache ActiveMQ RCE
- POC 2025-08-01CVE-2023-49070: Apache OFBiz < 18.12.10 - Arbitrary Code Execution
- POC 2025-08-01CVE-2024-38856: Apache OFBiz CVE-2024-38856 远程命令执行漏洞
- POC 2025-08-01CVE-2024-39887: Apache Superset < 4.0.2 - SQL Injection
- POC 2025-08-01CVE-2024-45216: Apache Solr 身份认证绕过
- POC 2025-08-01CVE-2025-27817: Apache Kafka 客户端任意文件读取
- POC 2025-08-01ambari-default-password: Apache Ambari Default Password
- POC 2025-08-01apisix-default-login: Apache Apisix Default Admin Login
- POC 2025-08-01dolphinscheduler-default-login: Apache DolphinScheduler Default Login
- POC 2025-08-01druid-default-login: Apache Druid Default Login
- POC 2025-08-01kafka-center-default-password: Apache Kafka Center Default Password
- POC 2025-08-01karaf-default-login: Apache Karaf - Default Login
- POC 2025-08-01ofbiz-default-password: Apache OfBiz Default Login
- POC 2025-08-01ranger-default-login: Apache Ranger - Default Login
- POC 2025-08-01hadoop-disclosure: Apache Hadoop Disclosure
- POC 2025-08-01nifi-api-unauthorized-access: Apache Nifi Api Unauthorized Access
- POC 2025-08-01nifi-unauth: Apache NiFi - Unauthenticated Access
- POC 2025-08-01storm-unauthorized-access: Apache Storm Unauthorized Access
- POC 2025-08-01zeppelin-unauth: Apache Zeppelin - Unauthenticated Access
- POC 2025-08-01zookeeper-unauth: Apache ZooKeeper - Unauthenticated Access
- POC 2025-08-01apache-druid-unauth: Apache Druid Unauth
- POC 2025-08-01apache-ofbiz-log4j-rce-temp: Apache OFBiz Log4j JNDI RCE
- POC 2025-08-01apache-ofbiz-log4j-rce: Apache OFBiz Log4j JNDI RCE
- POC 2025-08-01apache-ofbiz-programexport-rce: Apache ofbiz programexport RCE
- POC 2025-08-01apache-ofbiz-CVE-2023-51467-xmlrpc-rce: Apache ofbiz CVE-2023-51467 xmlrpc RCE
- POC 2025-08-01apache-solr-remotestreaming-anyfileread: Apache Solr RemoteStreaming 任意文件读取
- POC 2025-08-01solr-bypass-fileread: Apache-Solr 身份认证绕过导致任意文件读取
- POC 2025-08-01solr-log4j-rce: Apache Solr Log4j Remote Code Execution
- POC 2025-08-01file-disable-http-trace-method: Disable Apache2 HTTP TRACE Method
- POC 2025-08-01file-disable-server-header: Disable Apache2 Server Header
- POC 2025-08-01file-disable-server-signature: Disable Apache Server Signature
- POC 2025-08-01CVE-2020-9480: Apache Spark - Authentication Bypass